Search code, repositories, users, issues, pull requests…
Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Sign up
I ran into this issue with two Domain Controllers that would not replicate. DC2 was getting this error: «The Active Directory cannot replicate with this server because the time since the last replication with this server has exceeded the tombstone lifetime»
Below are the steps I went through in order to remedy this situation and worked like a charm.
1. Verify which Domain Controller raised the 8614 error by using:
> repadmin /showrepl
or
> repadmin /showreps
* Run this command line in any DC not DC-A.
* In addition, open Event Viewer, in Applications and Services Logs, Directory Service, you will see an error with event ID 2042
According to Mirosoft knowledge base, it’s maybe because the domain controller contains what so called lingering objects: http://support.microsoft.com/kb/2020053. This is the most possible reason for the error, because everything else are OK (time, default tombstone lifetime).
2. So, I have to remove those lingering objects from all DCs:
> repadmin /removelingeringobjects DC-A.MYDOMAIN.COM 5b0b944e-de7b-4f96-942b-1e040169db36 «CN=Configuration,DC=MYDOMAIN,DC=COM»
+ DC-A.MYDOMAIN.COM : FQDN of DC-A
+ 5b0b944e-de7b-4f96-942b-1e040169db36 : the GUID of DC-A. You can get it from the command repadmin /showrepl DC-A.
+ «CN=Configuration,DC=MYDOMAIN,DC=COM»: NC in which DC-A raise the error (from the output of the command repadmin /showrepl)
* Repeat in all other DCs in forest.
3. Evaluate setting strict replication on all DCs in forest:
> repadmin /regkey * +strict
4. Set «Allow replication with divergent and corrupt partner = 1» on all DCs:
> repadmin /regkey * +allowDivergent
5. Flush DNS Cache and restart netlogon service in DC-A:
+ > ipconfig /flushdns
+ > net stop netlogon
+ rename netlogon.dns and netlogon.dnb file which locate in C:\Windows\System32\
+ > ipconfig /flushdns
+ > net start netlogon (this command will re-create netlogon.dns and netlogon.dnb files)
+ > ipconfig /registerdns
6. Check the replication of all DCs again using repadmin and Event Viewer
> repadmin /showrepl
7. Delete «Allow replication with divergent and corrupt partner» or set «Allow replication with divergent and corrupt partner = 0» in the registry of all DCs.
> repadmin /regkey * -allowDivergent
8. Check the replication of all DCs again using repadmin and Event Viewer
If you performed everything correctly, the Domain Controllers will now replicate successfully.
Hi,
I have check the DCDIAG log file and it looks like you have JRNL_WRAP_ERROR on you DC DERMSERVER2. Please run the check disk in read only mode on C: drive first. There may be disk corruption. You have to fixed that first. Please run the CHKDSK /F /R command
to fix the disk corruption error. If that fixed you might be able to resolved the issue. Else follow the link :
http://www.squidworks.net/2011/09/ntfrs-journal-wrap-errors-detected-on-domain-controller/
An Error Event occurred. EventID: 0xC0003500
Time Generated: 06/30/2015 22:44:07
Event String:
The File Replication Service has detected that the replica set «DOMAIN SYSTEM VOLUME (SYSVOL SHARE)» is in JRNL_WRAP_ERROR.
Replica set name is : «DOMAIN SYSTEM VOLUME (SYSVOL SHARE)»
Replica root path is : «c:\windows\sysvol\domain»
Replica root volume is : «\\.\C:»
A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found. This can occur because of one of the following reasons.
[1] Volume «\\.\C:» has been formatted.
[2] The NTFS USN journal on volume «\\.\C:» has been deleted.
[3] The NTFS USN journal on volume «\\.\C:» has been truncated. Chkdsk can truncate the journal if it
finds corrupt entries at the end of the journal.
[4] File Replication Service was not running on this computer for a long time.
[5] File Replication Service could not keep up with the rate of Disk IO activity on «\\.\C:».
Setting the «Enable Journal Wrap Automatic Restore» registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this
error state.
[1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run «net stop ntfrs»
followed by «net start ntfrs» to restart the File Replication Service.
[2] At the poll following the deletion this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set.
WARNING: During the recovery process data in the replica tree may be unavailable. You should reset the registry parameter described above to 0 to prevent automatic recovery from making
the data unexpectedly unavailable if this error condition occurs again.
-
Marked as answer by
Friday, July 3, 2015 10:46 PM
Hi — I am receiving replication errors on 2 of our DC’s in branch offices. Below are some snapshot errors from the repadmin command output.
Does anyone have a recommended efficient way to get these domain controllers replicating again?
I believe we had networking problems between these sites for a while but have since restored the networking issues. Thank You!!
(error) 8614 -The directory service cannot replicate with this server because the time since the last replication with this server has exceeded the tombstone lifetime.
Last attempt @ 2014-08-25 14:03:13 failed, result 8614 (0x21a6):
The directory service cannot replicate with this server because the time since the last replication with this server has exceeded the tombstone lifetime.
17431 consecutive failure(s).
Last success @ 2014-02-24 21:46:31.